On Mon, May 09, 2005 at 08:32:54AM -0400, Christopher Martin wrote: > kdenetwork 4:3.3.2-3, replacing 4:3.3.2-1 in Sarge, fixes a number of bugs, > including several that are RC. These packages have been in Sid for some > time, but held out due to missing buildds, so they've proven themselves > solid. The most recent upload, from late April, contained only packaging > changes:
Approved (though still waiting on a sarge upload). Going forward, it would be nice if you would check whether uuencoding something that's already a diff (and, er, not changing the name of a diff just because the date changed), so that changes can be reviewed using interdiff alone. I imagine this is being done here to guard against dpkg's failure to use -a when generating diffs, and I suspect it's not actually necessary if you've got everything in a diff file *anyway*, because the diff header itself ought to mark the file as ascii. > As for kdelibs, the sole change between 4:3.3.2-5 and 4:3.3.2-6 is that we > added a very small patch (from upstream) to upstream's latest security fix, > which caused regressions reading some image files. Definitely worth getting > into Sarge, even if the problem doesn't seem to have security implications. > > 23_kimgio_fix.diff > --- kde.orig/kimgio/rgb.cpp > +++ kde.patched/kimgio/rgb.cpp > @@ -272,7 +272,8 @@ bool SGIImage::readImage(QImage& img) > // sanity ckeck > if (m_rle) > for (uint o = 0; o < m_numrows; o++) > - if (m_starttab[o] + m_lengthtab[o] >= m_data.size()) > { > + // do not convert to >= > + if (m_starttab[o] + m_lengthtab[o] > m_data.size()) > { > kdDebug(399) << "image corrupt (sanity check > failed)" << endl; > return false; > } The accompanying changelog isn't very enlightening; what filetypes are broken, and why? Can you offer a pointer to discussion of this bug? -- Steve Langasek postmodern programmer
signature.asc
Description: Digital signature